refactor(security): share safe temp media path builder (#20810)

Merged via /review-pr -> /prepare-pr -> /merge-pr. Prepared head SHA: 7a088e6801 Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com> Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com> Reviewed-by: @mbelinky
2026-05-08 07:11:25 +00:00 · 2026-02-19 09:59:21 +00:00
parent ee1d6427b5
commit a7c0aa94d9
6 changed files with 78 additions and 13 deletions
--- a/src/line/download.ts
+++ b/src/line/download.ts
@@ -1,9 +1,7 @@
-import crypto from "node:crypto";
 import fs from "node:fs";
-import os from "node:os";
-import path from "node:path";
 import { messagingApi } from "@line/bot-sdk";
 import { logVerbose } from "../globals.js";
+import { buildRandomTempFilePath } from "../plugin-sdk/temp-path.js";

 interface DownloadResult {
  path: string;
@@ -11,10 +9,6 @@ interface DownloadResult {
  size: number;
 }

-function buildLineTempMediaPath(extension: string): string {
-  return path.join(os.tmpdir(), `line-media-${Date.now()}-${crypto.randomUUID()}${extension}`);
-}
-
 export async function downloadLineMedia(
  messageId: string,
  channelAccessToken: string,
@@ -45,7 +39,7 @@ export async function downloadLineMedia(
  const ext = getExtensionForContentType(contentType);

  // Use random temp names; never derive paths from external message identifiers.
-  const filePath = buildLineTempMediaPath(ext);
+  const filePath = buildRandomTempFilePath({ prefix: "line-media", extension: ext });

  await fs.promises.writeFile(filePath, buffer);